979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf | Triage

Submit
Reports

Overview

overview

8

Static

static

979bb5c06f...df.exe

windows7-x64

8

979bb5c06f...df.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf.exe

Resource

win7-20220812-en

discovery persistence spyware stealer upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf
Size

811KB
MD5

3736c890353d8a56c51c1a7c14c669b6
SHA1

138c8e8ef35c32dd4a3280720cd572c14012a452
SHA256

979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf
SHA512

f868f475279ae753480882dc4210b00a92775667ff176e094c8a3823c04b51f5ea0c1394ef73e28df9be286d48332c14c3f1af2a5fe899fc6ad23970df15f41f
SSDEEP

12288:GghyTeGn9gvichKUOECcFmKkj26Dp1XO6goi+nBhgxDXX66T/lpq8:HhVk7ECPKYr/HjBqVnBG8

Score

N/A

Malware Config

Signatures

Files

979bb5c06fbdc20acf7a813e29d2fa45ec1bdae55cf24aeda0396c4c392e9adf
.exe windows x86

3897c65a7865936ad4dae3d00dfb00ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
DeleteFileA
Sleep
CreateFileA
GetStartupInfoA
GetConsoleTitleW
GlobalFree
GetCalendarInfoA
CloseHandle
lstrlenW
VirtualProtectEx
InitializeCriticalSection
CancelIo
GetFileSize
WriteConsoleW
GetModuleFileNameA
RemoveDirectoryA
LeaveCriticalSection
GetTickCount
GetModuleHandleA
CancelIo
CreateDirectoryW
ReadFile
EnterCriticalSection
GetCommandLineW

user32

GetWindowLongA
PeekMessageA
GetWindowDC
IsWindow
DispatchMessageA
GetWindowLongA
wsprintfA
FillRect
EqualRect
IsWindowVisible
GetSysColor
IsWindowEnabled
MessageBoxA

cryptdlg

CertTrustInit
CertTrustCertPolicy
CertConfigureTrustA
CertTrustCleanup

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy